#32088: Proposal 310 - choose guards in sampled order --------------------------------------+------------------------------------ Reporter: Jaym | Owner: (none) Type: enhancement | Status: needs_review Priority: Medium | Milestone: Tor: 0.4.4.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-spec prop271 prop310 | Actual Points: Parent ID: | Points: Reviewer: nickm | Sponsor: --------------------------------------+------------------------------------
Comment (by teor): Replying to [comment:14 Jaym]: > The pull request has been updated. > > On loading, Tor sets the sampled_idx to the confirmed_idx. That should keep older clients to behave the same (and not reordering primary guards). On the next state save, the sampled_idx should be made dense. > > Also, the patch applies now ordering when it seems necessary (a couple of redundant orderings have been removed). Thanks! > Also, I was concerned by the fact that Tor assumes integrity of the state when loading it. If some application has write access to this file, making the client rotate guards until a chosen one is found shouldn't be too much of a hard task. Is that kind of threat relevant? An attacker who can modify files on the local system could do many worse things. So those attacks are not really part of tor's threat model. To defend against those kinds of attacks, people should use an amnesiac system like TAILS. File corruption is a risk, though. And tor could detect file corruption earlier with checksums. But that's a different ticket :-) -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32088#comment:17> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs